In the second version, we created a filtering method that peers
into the request’s IP. It returns true if the request is indeed
ikura’s IP. Otherwise, it complains to the request with a
‘403’ restricted access error.

If you want to perform the restriction more abstractly,
consult this Rails
guide
on the matter. You can perform behind-the-scenes magic this way;
it’s your choice how you ultimately go about it.

So, there you have it. Locking down your Rails API end-points for
only ikura to see is frighteningly simple. It only takes a few
lines of code & should prove effective and straightforward to any
web developer.